Saturday, March 20, 2021

Use NMAP to identify Microsoft Exchange Vulnerabilities.

Reference:

https://github.com/microsoft/CSS-Exchange/tree/main/Security

https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/

https://www.exploit-db.com/exploits/49663


PS: The NMAP script, http-vuln-exchange.nse, has been created by Microsoft Senior Threat Intelligence Analyst Kevin Beaumont to identify those Microsoft Exchange servers vulnerable to the recent Exchange vulnerabilities including CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.


# cd /usr/share/nmap/scripts

# wget https://raw.githubusercontent.com/GossiTheDog/scanning/main/http-vuln-exchange.nse

# nmap TARGET_IP -p 443 —script http-vuln-exchange

No comments:

Post a Comment